3 Answers
3

Allowing your script to run command-line tools may or may not be secure. It depends greatly on what you are doing.
Consider the following two scenarios:

1. A script that runs ls /tmp and displays the output
   This is probably fine. You may have an information leak (someone hitting the page knows the contents of /tmp on the server, which may give them ideas on how to bypass your security).

2. A script that greps for a user-specified string in a file
   This is probably NOT fine: The script will call something like system("grep $user_string /some/file"), and a creative attacker can figure out what it's doing, insert an extra ; into the $user_string bit, and then run arbitrary code as the web server's user.

There are mitigating steps you can take to deal with (2) above (PHP has escapeshellarg() and escapeshellcmd() to help you out), but the bottom line is any time you allow a web application to execute commands you open yourself up for command injection attacks, and you need to thoroughly plan, audit and secure your code (including the command you're calling) to make sure you don't leave yourself open to attack.

If what you are trying to do can be accomplished with (securely-written) native PHP that's almost always a better option for both speed and security.
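
The grep scenario above, shown as the interpolated command string, the same command built with escapeshellarg(), and a native PHP replacement. This is an added example, not the answerer's code; the function names, the sample file and the input value are constructed for illustration, and -F (fixed-string matching) is an assumption about what "greps for a string" should mean.

```php
<?php
// Added example, not the answerer's code. Sample file and input are constructed.

// Scenario 2 as written in the answer: user input is pasted into a shell command line.
function grep_cmd_vulnerable(string $userString, string $path): string
{
    // /bin/sh interprets ; | & ` $() and newlines found in $userString.
    return "grep $userString $path";
}

// The shell is still used, but the input can only ever be one grep argument.
function grep_cmd_escaped(string $userString, string $path): string
{
    // escapeshellarg() single-quotes the value; "--" ends option parsing so a value
    // such as "-f" or "-r" is a pattern, not a flag; -F matches it as a fixed string.
    return 'grep -F -- ' . escapeshellarg($userString) . ' ' . escapeshellarg($path);
}

// Native PHP: no shell and no child process, so there is no command line to inject into.
function grep_native(string $userString, string $path): array
{
    $matches = [];
    if ($userString === '' || ($fh = fopen($path, 'r')) === false) {
        return $matches;
    }
    while (($line = fgets($fh)) !== false) {
        if (strpos($line, $userString) !== false) {
            $matches[] = rtrim($line, "\r\n");
        }
    }
    fclose($fh);
    return $matches;
}

// Constructed sample data and a constructed hostile input value.
$path = tempnam(sys_get_temp_dir(), 'grepdemo');
file_put_contents($path, "alice:staff\nbob:admin\ncarol:staff\n");
$input = 'staff; echo INJECTED';

// Printed for comparison only; the vulnerable string is never executed here.
echo "vulnerable: ", grep_cmd_vulnerable($input, $path), "\n";
echo "escaped:    ", grep_cmd_escaped($input, $path), "\n";

// The whole value, semicolon included, reaches grep as one literal pattern.
exec(grep_cmd_escaped($input, $path), $out, $status);
echo "escaped run: exit status $status, ", count($out), " line(s) of output\n";

print_r(grep_native('staff', $path));
unlink($path);
```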

What I would suggest is to write up a shell script that includes any and all commands that need to be run. So PHP would not be running the command directly, but rather using the wrapper script to accomplish what is required. Further, you could use sudo and edit sudoers as necessary to help you run commands that need higher privileges.